
Zero Day Virus


A zero-day virus is a type of computer virus that takes advantage of security
weaknesses/vulnerabilities in software that the developers of the software don't
know about yet.

The term "zero-day" reflects that the developers have had zero days to fix the
problem before it's exploited by hackers.

Sometimes hackers or malicious attackers spot the vulnerability in software
before the software developers do. The hackers already know about the security
flaw while the software developers are still unaware of it.

That is why the developers have “zero days” to prevent or fix the attack: hackers
take advantage of the vulnerability before developers have a chance to address it.

When developers become aware of the attack, they start looking for the
vulnerabilities to address and then develop a solution, which they release in an
updated version.

Target of Zero-day Virus

Operating systems
Web browsers
Office applications
Open-source components
Hardware and firmware
Internet of Things (IoT)

Risk

Exploitation of Unknown Vulnerabilities
Zero-day viruses take advantage of previously unknown software
vulnerabilities. Since the developers are unaware of these vulnerabilities, there
are no security patches or fixes available. This means that systems and users are
defenseless against attacks targeting these vulnerabilities.

Targeted Attacks
Zero-day vulnerabilities are often used in targeted attacks. Hackers can
strategically exploit these vulnerabilities to gain unauthorized access to specific
systems, networks, or individuals.

Limited Time to Respond
Zero-day attacks leave little to no time for developers or security experts
to develop and deploy countermeasures.

Spreading Malware
Zero-day viruses can be designed to spread rapidly across multiple systems.
They can act as a vehicle for malware delivery.

Financial Losses and Reputational Damage
Zero-day attacks can result in financial losses for individuals,
organizations, or even entire industries. Stolen data, financial fraud, or
disruptions to critical services can have severe financial implications.

A short list of common goals in zero-day attacks:

Gain unauthorized access to systems or networks.

Steal sensitive data, such as personal information or

Use the compromised systems for further attacks, such as launching botnets or
distributing malware.

Exploit the vulnerability for financial gain, such as conducting ransomware
attacks or extortion.

Undermine the reputation or credibility of targeted individuals,
organizations, or even entire industries.

Gather intelligence for future attacks or cyber warfare activities.

==========================================================

Malware

Malware (malicious software) is a broad term used to describe various types of
malicious computer programs, such as viruses, trojans, and other destructive
software.
These programs are employed by threat actors with the goal of infecting
systems and networks in order to obtain unauthorized access to sensitive
information.

Main Objective

Provide remote control for an attacker to use an infected machine.
Send spam from the infected machine to unsuspecting targets.
Steal sensitive data.

1 == Virus Malware
Programs that copy themselves throughout a computer or network.
At their worst, viruses can corrupt or delete data, use the user’s email to
spread, or erase everything on a hard disk.

How they spread

When an infected file is downloaded or transferred to another system, the
virus can spread and infect the new host.
Viruses spread by infecting other programs or files.
Malware viruses piggyback on existing programs and can only be activated when
a user opens the program.

The main objective of virus malware

To infect systems and networks with the intention of causing harm, gaining
unauthorized access, stealing sensitive information, disrupting system
functionality, creating botnets, extorting victims for financial gain, and
spreading rapidly.

2 == Trojans

Trojans are a type of malicious software that relies on deception and social
engineering to infect and compromise computer systems.
Once activated, malware Trojans will conduct whatever action they have been
programmed to carry out.
Trojans do not replicate or reproduce through infection.
A Trojan performs actions that are different from what the user expects. It may
create a backdoor, which allows remote access to the compromised system, or it can
modify system settings, steal sensitive information, log keystrokes, or download
additional malware components.

Main Objective of Trojan


Unauthorized access to systems.
Stealing sensitive data.
Remote control of compromised systems.
Keylogging and surveillance.
Forming botnets for large-scale attacks.
Disrupting system functionality.
Spreading to other systems.

3 == Spyware
Spyware is malicious software that enters a user’s computer, gathers data
from the device and user, and sends it to third parties without their consent.
A commonly accepted spyware definition is a strand of malware designed to
access and damage a device without the user’s consent.
Spyware is one of the most commonly used cyberattack methods; it can be
difficult for users and businesses to identify and can do serious harm to networks.
It collects personal and sensitive information that it sends to advertisers,
data collection firms, or malicious actors for profit.
Attackers use it to track, steal, and sell user data, such as internet usage,
credit card, and bank account details, or steal user credentials to spoof their
identities.

4 == Adware

Adware is software that automatically displays or downloads advertising material
such as banners or pop-ups when a user is online.
Adware refers to a type of malware that displays unwanted advertisements on
your computer or device.
Adware is commonly activated unknowingly when users are trying to install
legitimate applications that adware is bundled with.
Adware can be safe, but some pop-up windows are intended not only to display
advertisements but also to collect data and information in order to target you.
Adware can direct you to malicious websites and infected pages through
various advert links, putting you at risk of computer viruses.

Keylogger?

A keylogger is a form of malware or hardware that keeps track of and records
your keystrokes as you type.
It takes the information and sends it to a hacker using a command-and-control
(C&C) server.
The hacker then analyzes the keystrokes to locate usernames and passwords and
uses them to hack into otherwise secure systems.
Software keyloggers consist of applications that have to be installed on a
computer to steal keystroke data. They are the most common method hackers use to
access a user’s keystrokes.
If programmed to do so, a keylogger can spread to other devices the computer
comes in contact with.
A software keylogger can keep track of your keystrokes and record each one.
After the keystrokes have been recorded, they are then automatically transferred to
the hacker.

A hardware keylogger works much like its software counterpart. The biggest
difference is hardware keyloggers have to be physically connected to the target
computer to record the user's keystrokes.
For this reason, it is important for an organization to carefully monitor who
has access to the network and the devices connected to it.

===================================================
Boot Sector = Attack Operating System
Resident Virus = Make the system slow down - Harm

Virus - Can be present on a system without effect; the problem starts when the
user runs the infected program, after which it can replicate

Worm - Self-Replicate (Attack Service Availability)

Trojan - Masquerades as a regular program while creating a backdoor for dangerous
activities

Ransomware - Program that encrypts every data file


Attack Disk - D
Can open the files but can't read
To decrypt them,
